[Apiman-user] CORS
Fadi Abdin
fadiabdeen at gmail.com
Mon Aug 17 11:23:07 EDT 2015
Thank you Marc,
Is there a work around that you can think of ?
I'm doing it with angularjs , very simple
$http({method: 'GET', url: 'http://server/apiman-gateway/service', headers:
{
'Authorization': 'Bearer XXXXXXXXXXXXX'}
});
I assume you will fix it in the new version , right?
On Mon, Aug 17, 2015 at 10:52 AM, Marc Savy <marc.savy at redhat.com> wrote:
> Hi,
>
> This is related to the JIRA I linked you to (
> https://issues.jboss.org/browse/APIMAN-516). Because of the way the
> policy chain currently works the behaviour of CORS is invalid in a few very
> specific cases (e.g. when you stack it with an auth policy). I'll let you
> know when it's fixed.
>
> Regards,
> Marc
>
> On 17/08/2015 15:44, Fadi Abdin wrote:
>
>> I have a problem in calling a service in apiman-gateway with the
>> Authorization: Bearer <token> in the header.
>>
>> It seems to preflight OPTIONS and return
>>
>> 1.
>> X-Policy-Failure-Message:
>> OAuth2 'Authorization' header or 'access_token' query parameter must
>> be provided.
>>
>> I am sending the bearer token with the request and i make sure in the
>> preflight its sent in the request.
>>
>> 1.
>> Access-Control-Request-Headers:
>> accept, authorization
>>
>> Does anyone know if there Is something i'm missing ? do i need to get
>> authorization enabled or added anywhere ? as a side note i have below in
>> my api as well:
>>
>> response.setHeader("Access-Control-Allow-Headers", "Authorization");
>>
>>
>> _______________________________________________
>> Apiman-user mailing list
>> Apiman-user at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/apiman-user
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/apiman-user/attachments/20150817/a01a1fa9/attachment.html
More information about the Apiman-user
mailing list